132 matches found

OpenVAS
added 2021/05/19 12:0 a.m. | 24 views

Huawei EulerOS: Security Advisory for python-pygments (EulerOS-SA-2021-1887)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.9 | EPSS 0.03832
Exploits: 1 | References: 2

Fedora
added 2021/05/06 12:53 a.m. | 40 views

[SECURITY] Fedora 33 Update: python-pygments-2.6.1-6.fc33

Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported; special attention is paid to details that increa...

CVSS 7.5 | AI score 7.9 | EPSS 0.03832
Exploits: 1

Tenable Nessus
added 2021/04/14 12:0 a.m. | 21 views

Debian DSA-4890-1 : ruby-kramdown - security update

Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

CVSS 9.8 | AI score 8.3 | EPSS 0.02805
Exploits: 1 | References: 5

OpenVAS
added 2021/04/13 12:0 a.m. | 14 views

Debian: Security Advisory (DSA-4890-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.6 | EPSS 0.02805
Exploits: 1 | References: 4

Tenable Nessus
added 2021/03/30 12:0 a.m. | 20 views

Debian DSA-4878-1 : pygments - security update

Ben Caller discovered that Pygments, a syntax highlighting package written in Python 3, used regular expressions which could result in denial of service. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4878...

CVSS 7.5 | AI score 7.5 | EPSS 0.03832
Exploits: 1 | References: 5

Debian
added 2021/03/27 1:58 p.m. | 79 views

[SECURITY] [DSA 4878-1] pygments security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4878-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 27, 2021 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 7.8 | EPSS 0.03832
Exploits: 1

CNVD
added 2021/03/25 12:0 a.m. | 5 views

Pygments Denial of Service Attack Vulnerability

Pygments is a general-purpose syntax highlighting tool for code hosting, forums, wikis, or other applications that need to beautify their source code. A denial of service vulnerability exists in Pygments versions 1.5 through 2.7.3. The vulnerability arises due to an infinite loop in the SMLLexer ...

CVSS 7.5 | AI score 6.8 | EPSS 0.02707
Exploits: 0 | References: 1

Prion
added 2021/03/23 5:15 p.m. | 34 views

Input validation

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword...

CVSS 5 | AI score 7.1 | EPSS 0.02707
Exploits: 0 | References: 5 | Affected Software: 6

CVE
added 2021/03/23 4:40 p.m. | 345 views

CVE-2021-20270

CVE-2021-20270 describes an infinite loop in Pygments’ SMLLexer, affecting Pygments 1.5–2.7.3, which can cause DoS during syntax highlighting of StandardML sources (e.g., input containing only the keyword “exception”). Connected advisories confirm affected distributions (e.g., Debian, AlmaLinux, ...

CVSS 7.5 | AI score 7.3 | EPSS 0.02707
Exploits: 0 | References: 5 | Affected Software: 1

AlpineLinux
added 2021/03/23 4:40 p.m. | 57 views

CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword...

CVSS 7.5 | AI score 7.6 | EPSS 0.02707
Exploits: 0

Debian CVE
added 2021/03/23 4:40 p.m. | 44 views

CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword...

CVSS 7.5 | AI score 8.1 | EPSS 0.02707
Exploits: 0

RedhatCVE
added 2021/03/05 10:35 a.m. | 47 views

CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword...

CVSS 7.5 | AI score 3.3 | EPSS 0.02707
Exploits: 0 | References: 3

Veracode
added 2021/01/08 4:5 a.m. | 10 views

Regular Expression Denial Of Service (ReDoS)

tinymce is vulnerable to regular expression denial of service. The vulnerability allows malicious ruby code samples to cause a denial of service condition in the browser while performing syntax highlighting...

AI score 2.5
Exploits: 0

Github Security Blog
added 2021/01/06 7:25 p.m. | 31 views

Regex denial of service vulnerability in codesample plugin

Impact: A regex denial of service (ReDoS) vulnerability was discovered in a dependency of the codesample plugin. The vulnerability allowed poorly formed ruby code samples to lock up the browser while performing syntax highlighting. This impacts users of the codesample plugin using TinyMCE 5.5.1 or...

AI score 0.2
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2021/01/06 7:25 p.m. | 15 views

GHSA-H96F-FC7C-9R55 Regex denial of service vulnerability in codesample plugin

Impact: A regex denial of service (ReDoS) vulnerability was discovered in a dependency of the codesample plugin. The vulnerability allowed poorly formed ruby code samples to lock up the browser while performing syntax highlighting. This impacts users of the codesample plugin using TinyMCE 5.5.1 or...

AI score 7.1
Exploits: 0 | References: 3

OpenVAS
added 2020/12/31 12:0 a.m. | 22 views

Debian: Security Advisory (DLA-2511-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7 | AI score 9.6 | EPSS 0.01296
Exploits: 0 | References: 4

OpenVAS
added 2020/10/07 12:0 a.m. | 15 views

Fedora: Security Advisory for gitit (FEDORA-2020-1eaffe0013)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.5 | AI score 6.5 | EPSS 0.01566
Exploits: 0 | References: 2

Fedora
added 2020/10/06 3:7 p.m. | 15 views

[SECURITY] Fedora 31 Update: gitit-0.12.3.2-4.fc31

Gitit is a wiki backed by a git, darcs, or mercurial filestore. Pages and uploaded files can be modified either directly via the VCS's command-line tools or through the wiki's web interface. Pandoc is used for markup processing, so pages may be written in extended markdown, reStructuredText,...

CVSS 6.5 | AI score 0.1 | EPSS 0.01566
Exploits: 0

Fedora
added 2020/10/06 3:2 p.m. | 36 views

[SECURITY] Fedora 32 Update: gitit-0.12.3.2-6.fc32

Gitit is a wiki backed by a git, darcs, or mercurial filestore. Pages and uploaded files can be modified either directly via the VCS's command-line tools or through the wiki's web interface. Pandoc is used for markup processing, so pages may be written in extended markdown, reStructuredText,...

CVSS 6.5 | AI score 0.1 | EPSS 0.01566
Exploits: 0

Fedora
added 2020/09/29 12:17 a.m. | 35 views

[SECURITY] Fedora 33 Update: gitit-0.13.0.0-4.fc33

Gitit is a wiki backed by a git, darcs, or mercurial filestore. Pages and uploaded files can be modified either directly via the VCS's command-line tools or through the wiki's web interface. Pandoc is used for markup processing, so pages may be written in extended markdown, reStructuredText,...

CVSS 6.5 | AI score 0.1 | EPSS 0.01566
Exploits: 0